Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!newsfeed.xs4all.nl!newsfeed1a.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.046 X-Spam-Evidence: '*H*': 0.91; '*S*': 0.00; 'fixes': 0.07; 'machines.': 0.09; 'python': 0.11; "wouldn't": 0.14; '(actually': 0.16; 'anyone?': 0.16; 'from:addr:torriem': 0.16; 'from:name:michael torrie': 0.16; 'segfault': 0.16; 'wrote:': 0.18; '>>>': 0.22; 'memory': 0.22; 'header:User-Agent:1': 0.23; 'test.': 0.24; 'header:In-Reply-To:1': 0.27; 'am,': 0.29; 'points': 0.29; "doesn't": 0.30; 'code': 0.31; '(since': 0.31; "d'aprano": 0.31; 'steven': 0.31; 'writes:': 0.31; 'running': 0.33; 'comment': 0.34; 'updated': 0.34; "can't": 0.35; 'but': 0.35; 'version': 0.36; "didn't": 0.36; 'shows': 0.36; 'message-id:@gmail.com': 0.38; 'whatever': 0.38; 'to:addr:python-list': 0.38; 'does': 0.39; 'to:addr:python.org': 0.39; 'received:org': 0.40; 'how': 0.40; 'course': 0.61; 'different': 0.65; 'charset:windows-1252': 0.65; 'due': 0.66; 'here': 0.66; 'latest': 0.67; 'lack': 0.78; 'vulnerable': 0.84 X-Virus-Scanned: amavisd-new at torriefamily.org Date: Tue, 03 Feb 2015 10:31:54 -0700 From: Michael Torrie User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0 MIME-Version: 1.0 To: python-list@python.org Subject: Re: Ghost vulnerability References: <75fe0f21-3ffb-4649-ad06-0dcbdad631fa@googlegroups.com> <54d0aeb9$0$12994$c3e8da3$5496439d@news.astraweb.com> In-Reply-To: <54d0aeb9$0$12994$c3e8da3$5496439d@news.astraweb.com> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 30 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1422984725 news.xs4all.nl 2858 [2001:888:2000:d::a6]:44710 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:85165 On 02/03/2015 04:19 AM, Steven D'Aprano wrote: > Anssi Saari wrote: > >> Rustom Mody writes: >> >>> How many people (actually machines) out here are vulnerable? >>> >>> > http://security.stackexchange.com/questions/80210/ghost-bug-is-there-a-simple-way-to-test-if-my-system-is-secure >>> >>> shows a python 1-liner to check >> >> Does that check actually work for anyone? That code didn't segfalt on my >> vulnerable Debian system but it did on my router which isn't (since the >> router doesn't use glibc). Oh and of course I can't comment on >> stinkexchange since I don't have whatever mana points they require... > > Here's the one-liner: > > python -c 'import socket;y="0"*50000000;socket.gethostbyname(y)' > > > I think it is likely that y="0"*50000000 would segfault due to lack of > memory on many machines. I wouldn't trust this as a test. I ran it on both my servers (each running a different version of the OS) which were recently updated to Red Hat's latest version of glibc that fixes the problem, and both of them segfault with this one liner.